Followup to: <[EMAIL PROTECTED]>
By author: Peter Samuelson <[EMAIL PROTECTED]>
In newsgroup: linux.dev.kernel
>
>
> [jesse]
> > 1. Your server closes all open directory file descriptors and chroots.
> > 2. Someone manages to run some exploit code in your process space which--
>
> mkdir("foo")
> chroot("foo")
BUG: you *MUST* chdir() into the chroot jail before it does you any
good at all!
I usually recommend:
mkdir("foo");
chdir("foo");
chroot(".");
> Bottom line: once you are in the chroot jail, you must drop root
> privileges, or you defeat the purpose. Security-conscious coders know
> this; it's not Linux-specific behavior or anything.
Indeed. They also know the above.
-hpa
--
<[EMAIL PROTECTED]> at work, <[EMAIL PROTECTED]> in private!
"Unix gives you enough rope to shoot yourself in the foot."
http://www.zytor.com/~hpa/puzzle.txt
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
Please read the FAQ at http://www.tux.org/lkml/
